Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Internet Radio Done Right
45 subscribers
Checked 23d ago
הוסף לפני four שנים
תוכן מסופק על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לSecurity Cryptography Whatever
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
The Data Skeptic Podcast features interviews and discussion of topics related to data science, statistics, machine learning, artificial intelligence and the like, all from the perspective of applying critical thinking and the scientific method to evaluate the veracity of claims and efficacy of approaches.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Daily Deals
פודקאסטים ששווה להאזין
בחסות
Y
Young and Profiting with Hala Taha (Entrepreneurship, Sales, Marketing)
1 Reid Hoffman: LinkedIn Co-Founder on Building and Scaling Massively Valuable Companies Fast | Entrepreneurship | E332 51:40
51:40 
הפעל מאוחר יותר 
הפעל מאוחר יותר 
רשימות 
לייק 
אהבתי51:40
הפעל מאוחר יותר
הפעל מאוחר יותר
רשימות
לייק
אהבתיDespite having a strong product idea, Reid Hoffman’s first startup collapsed, forcing him to return investors’ capital. This tough experience reshaped his approach to entrepreneurship. By embracing failure, iterating quickly, and adapting relentlessly, he went on to become a leader at PayPal and later, the co-founder of LinkedIn. In this episode, Reid shares the concept of blitzscaling, which prioritizes speed over perfection, smart strategies for taking risks, and insights on achieving rapid market dominance. In this episode, Hala and Reid will discuss: (00:00) Introduction (01:32) Building Impact-Driven Businesses (02:56) Why We Need More Entrepreneurs (04:31) The Vision Behind LinkedIn’s Success (06:43) Lessons from a Failed Startup (09:26) Making Quick, Intense Decisions at PayPal (12:39) Blitzscaling: Prioritizing Speed Over Efficiency (18:10) Maintaining Company Culture While Scaling (21:20) The Power of Early Market Dominance (25:01) The Five Stages of Company Growth (28:54) Strategies for Taking Intelligent Risks (31:44) Why Product Perfection Delays Success (33:25) Pivoting Early to Seize New Opportunities (36:18) Entrepreneurship as a Team Sport Reid Hoffman is an entrepreneur, investor, partner at Greylock, and co-founder of LinkedIn and Inflection AI. He was an executive at PayPal and a founding investor in several companies, including OpenAI. Reid actively supports various non-profits and has received numerous accolades, including an honorary CBE from the Queen of England and the Salute to Greatness Award from the Martin Luther King Jr. Center for his philanthropic efforts. Resources Mentioned: Reid’s Book, Blitzscaling: The Lightning-Fast Path to Building Massively Valuable Companies : amzn.to/4jnQkfQ Sponsored By: OpenPhone - Get 20% off 6 months at openphone.com/PROFITING Shopify - Sign up for a one-dollar-per-month trial period at youngandprofiting.co/shopify Airbnb - Your home might be worth more than you think. Find out how much at airbnb.com/host Rocket Money - Cancel your unwanted subscriptions and reach your financial goals faster with Rocket Money. Go to rocketmoney.com/profiting Indeed - Get a $75 job credit at indeed.com/profiting RobinHood - Receive your 3% boost on annual IRA contributions, sign up at robinhood.com/gold Active Deals - youngandprofiting.com/deals Key YAP Links Reviews - ratethispodcast.com/yap Youtube - youtube.com/c/YoungandProfiting LinkedIn - linkedin.com/in/htaha/ Instagram - instagram.com/yapwithhala/ Social + Podcast Services: yapmedia.com Transcripts - youngandprofiting.com/episodes-new All Show Keywords: Entrepreneurship, entrepreneurship podcast, Business, Business podcast, Self Improvement, Self-Improvement, Personal development, Starting a business, Strategy, Investing, Sales, Selling, Psychology, Productivity, Entrepreneurs, AI, Artificial Intelligence, Technology, Marketing, Negotiation, Money, Finance, Side hustle, Startup, mental health, Career, Leadership, Mindset, Health, Growth mindset. Career, Success, Entrepreneurship, Productivity, Careers, Startup, Entrepreneurs, Business Ideas, Growth Hacks, Career Development, Money Management, Opportunities, Professionals, Workplace, Career podcast, Entrepreneurship podcast…
Zero Day Markets with Mark Dowd
Manage episode 425348555 series 2956114
תוכן מסופק על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
We have Mark Dowd on, founder of Aziumuth Security and one of the authors of The Art of Software Security Assessment, to talk about the market for zero day vulnerabilities, and how mitigations affect monetizing offensive security work.
Transcript: https://securitycryptographywhatever.com/2024/06/24/mdowd/
Links:
- https://www.azimuthsecurity.com/
- https://www.vigilantlabs.com/
- https://github.com/mdowd79/presentations/blob/main/bluehat2023-mdowd-final.pdf
- https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Hack-Different-Pwning-IOS-14-With-Generation-Z-Bug-wp.pdf
- https://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
פרקים
1. Mark Dowd (00:00:00)
2. After Dark (01:03:20)
54 פרקים
שתפוManage episode 425348555 series 2956114
תוכן מסופק על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
We have Mark Dowd on, founder of Aziumuth Security and one of the authors of The Art of Software Security Assessment, to talk about the market for zero day vulnerabilities, and how mitigations affect monetizing offensive security work.
Transcript: https://securitycryptographywhatever.com/2024/06/24/mdowd/
Links:
- https://www.azimuthsecurity.com/
- https://www.vigilantlabs.com/
- https://github.com/mdowd79/presentations/blob/main/bluehat2023-mdowd-final.pdf
- https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Hack-Different-Pwning-IOS-14-With-Generation-Z-Bug-wp.pdf
- https://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
פרקים
1. Mark Dowd (00:00:00)
2. After Dark (01:03:20)
54 פרקים
כל הפרקים
×
1 Picking Quantum Resistant Algorithms 14:56
14:56 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי14:56
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיMigrating the US government to quantum-resistant cryptography is hard, luckily the gamer presidents are on it. This episode is extremely not safe for work, nor does it reflect the political opinions of, well, anybody. "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Apple Pulls Advanced Data Protection in the UK with Matt Green and Joe Hall 48:30
48:30 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי48:30
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיApple has pulled the availability of their opt-in iCloud end-to-end encryption feature, called Advanced Data Protection, in the UK. This doesn't only affect UK Apple users, however. To help us make sense of this surprising move from the fruit company, we got Matt Green, Associate Professor at Johns Hopkins, and Joe Hall, Distinguished Technologist at the Internet Society, on the horn. Recorded Saturday February 22nd, 2025. Transcript: https://securitycryptographywhatever.com/2025/02/24/apple-pulls-adp-in-uk/ Watch episode on YouTube: https://youtu.be/LAn_yOGUkR0 Links: - https://www.lawfaremedia.org/article/apples-cloud-key-vault-and-secure-law-enforcement-access - https://www.androidcentral.com/how-googles-backup-encryption-works-good-bad-and-ugly - https://gdpr.eu/right-to-be-forgotten/ - https://www.legislation.gov.uk/id/ukpga/2024/9 - https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html - https://en.wikipedia.org/wiki/Salt_Typhoon - Salt Typhoon: https://www.cisa.gov/news-events/news/strengthening-americas-resilience-against-prc-cyber-threats - https://www.bloomberg.com/news/articles/2025-02-21/apple-removes-end-to-end-encryption-feature-from-uk-after-backdoor-order - https://support.apple.com/en-us/102651 "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Cryptanalyzing LLMs with Nicholas Carlini 1:20:42
1:20:42 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:20:42
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי'Let us model our large language model as a hash function—' Sold. Our special guest Nicholas Carlini joins us to discuss differential cryptanalysis on LLMs and other attacks, just as the ones that made OpenAI turn off some features, hehehehe. Watch episode on YouTube: https://youtu.be/vZ64xPI2Rc0 Transcript: https://securitycryptographywhatever.com/2025/01/28/cryptanalyzing-llms-with-nicholas-carlini/ Links: - https://nicholas.carlini.com - “Stealing Part of a Production Language Model”: https://arxiv.org/pdf/2403.06634 - ‘Why I attack"’: https://nicholas.carlini.com/writing/2024/why-i-attack.html - “Cryptanalytic Extraction of Neural Network Models”, CRYPTO 2020: https://arxiv.org/abs/2003.04884 - “Stochastic Parrots”: https://dl.acm.org/doi/10.1145/3442188.3445922 - https://help.openai.com/en/articles/5247780-using-logit-bias-to-alter-token-probability-with-the-openai-api - https://community.openai.com/t/temperature-top-p-and-top-k-for-chatbot-responses/295542 - https://opensource.org/license/mit - https://github.com/madler/zlib - https://ai.meta.com/blog/yann-lecun-ai-model-i-jepa/ - https://nicholas.carlini.com/writing/2024/how-i-use-ai.html "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Biden’s Cyber-Everything Bagel with Carole House 57:14
57:14 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי57:14
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיJust a few days before turning off the lights, the Biden administration dropped a huge cybersecurity executive order including a lot of good stuff, that hopefully [cross your fingers, knock wood, spin around three times and spit] will last into future administrations. We snagged some time with Carole House, outgoing Special Advisor and Acting Senior Director for Cybersecurity and Critical Infrastructure Policy, National Security Council in the Biden-Harris White House, to give us a brain dump. And now due to popular demand, with video of our actual human¹ faces! https://youtu.be/Pqw0W2crQiM Transcript: https://securitycryptographywhatever.com/2025/01/20/bidens-cyber-everything-bagel-carole-house/ Links: - https://www.federalregister.gov/d/2025-01470 - https://www.wired.com/story/biden-executive-order-cybersecurity-ai-and-more/ - 2022 EO: https://archive.ph/hvzWd - 2023 EO: https://www.whitehouse.gov/wp-content/uploads/2023/06/M-23-16-Update-to-M-22-18-Enhancing-Software-Security-1.pdf - 2021 EO: https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity - NIST SSDF: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-218.pdf - https://www.federalregister.gov/documents/2015/04/02/2015-07788/blocking-the-property-of-certain-persons-engaging-in-significant-malicious-cyber-enabled-activities - IEEPA: https://www.govinfo.gov/content/pkg/USCODE-2023-title50/pdf/USCODE-2023-title50-chap35-sec1701.pdf ¹ Actual human faces not guaranteed in all cases "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Quantum Willow with John Schanck and Samuel Jacques 53:36
53:36 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי53:36
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיTHE QUANTUM COMPUTERS ARE COMING...right? We got Samuel Jacques and John Schanck at short notice to answer that question plus a bunch of other about error correcting codes, logical qubits, T-gates, and more about Google's new quantum computer Willow. Transcript: https://securitycryptographywhatever.com/2024/12/18/quantum-willow Links: - https://blog.google/technology/research/google-willow-quantum-chip/ - https://research.google/blog/making-quantum-error-correction-work/ - https://blog.google/technology/google-deepmind/alphaqubit-quantum-error-correction/ - https://www.nature.com/articles/s41586-024-08449-y - Sam’s ‘Landscape of Quantum Computing’ chart: https://sam-jaques.appspot.com/quantum\_landscape\_2024 - The above, originally published in 2021: https://sam-jaques.appspot.com/quantum\_landscape - https://sam-jaques.appspot.com - https://jmschanck.info/ "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Dual_EC_DRBG with Justin Schuh and Matthew Green 1:07:45
1:07:45 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:07:45
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיNothing we have ever recorded on SCW has brought so much joy to David. However, at several points during the episode, we may have witnessed Matthew Green's soul leave his body. Our esteemed guests Justin Schuh and Matt Green joined us to debate whether `Dual_EC_DRBG` was intentionally backdoored by the NSA or 'just' a major fuckup. Transcript: https://securitycryptographywhatever.com/2024/12/07/dual-ec-drbg Links: - Dicky George at InfiltrateCon 2014, 'Life at Both Ends of the Barrel - An NSA Targeting Retrospective': [https://youtu.be/qq-LCyRp6bU?si=MyTBKomkIVaxSy1Q](https://youtu.be/qq-LCyRp6bU?si=MyTBKomkIVaxSy1Q) - Dicky George: [https://www.nsa.gov/Press-Room/Digital-Media-Center/Biographies/Biography-View-Page/Article/3330261/richard-dickie-george/](https://www.nsa.gov/Press-Room/Digital-Media-Center/Biographies/Biography-View-Page/Article/3330261/richard-dickie-george/) - NYTimes on Sigint Enabling Project: [https://archive.nytimes.com/www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html](https://archive.nytimes.com/www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html) - On the Practical Exploitability of Dual EC in TLS Implementations: [https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-checkoway.pdf](https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-checkoway.pdf) - Wired - Researchers Solve Juniper Backdoor Mystery; Signs Point to NSA [https://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/](https://www.wired.com/2015/12/researchers-solve-the-juniper-mystery-and-they-say-its-partially-the-nsas-fault/) - ProPublica - Revealed: The NSA's Secret Campaign to Crack, Undermine Internet Security [https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption](https://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption) - DDoSecrets - Sigint Enabling Project: [https://data.ddosecrets.com/Snowden%20archive/sigint-enabling-project.pdf](https://data.ddosecrets.com/Snowden%20archive/sigint-enabling-project.pdf) - IAD: [https://www.iad.gov/](https://www.iad.gov/) - Ars Technica - “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic: [https://web.archive.org/web/20151222023311/http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/](https://web.archive.org/web/20151222023311/http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/) - 2015 IMPORTANT JUNIPER SECURITY ANNOUNCEMENT: [https://web.archive.org/web/20151221171526/http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554](https://web.archive.org/web/20151221171526/http://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554) - Extended Random Values for TLS: [https://datatracker.ietf.org/doc/html/draft-rescorla-tls-extended-random-00](https://datatracker.ietf.org/doc/html/draft-rescorla-tls-extended-random-00) - The Art of Software Security Assessment: [https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426](https://www.amazon.com/Art-Software-Security-Assessment-Vulnerabilities/dp/0321444426) "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep 1:13:55
1:13:55 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:13:55
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיYou may not be rewriting the world in Rust, but if you follow the findings of the Android team and our guest Jeff Vander Stoep, you'll drive down your memory-unsafety vulnerabilities more than 2X below the industry average over time! 🎉 Transcript: https://securitycryptographywhatever.com/2024/10/15/a-little-bit-of-rust-goes-a-long-way/ Links: - https://security.googleblog.com/2024/09/eliminating-memory-safety-vulnerabilities-Android.html - “Safe Coding”: https://dl.acm.org/doi/10.1145/3651621 - “effectiveness of security design”: https://docs.google.com/presentation/d/16LZ6T-tcjgp3T8_N3m0pa5kNA1DwIsuMcQYDhpMU7uU/edit#slide=id.g3e7cac054a_0_89 - https://security.googleblog.com/2024/02/improving-interoperability-between-rust-and-c.html - https://github.com/google/crubit - https://github.com/google/autocxx - https://en.wikipedia.org/wiki/Stagefright_(bug) - https://security.googleblog.com/2021/04/rust-in-android-platform.html - https://chromium.googlesource.com/chromium/src/+/master/docs/security/rule-of-2.md - https://www.usenix.org/conference/usenixsecurity22/presentation/alexopoulos -https://kb.meinbergglobal.com/kb/time_sync/ntp/ntp_vulnerabilities_reported_2023-04 - https://blog.isosceles.com/the-legacy-of-stagefright/ - https://research.google/pubs/secure-by-design-googles-perspective-on-memory-safety/ - https://www.youtube.com/watch?v=QrrH2lcl9ew - https://source.android.com/docs/setup/build/rust/building-rust-modules/overview - https://github.com/rust-lang/rust-bindgen - https://security.googleblog.com/2021/06/rustc-interop-in-android-platform.html "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Campaign Security with [REDACTED] 1:23:39
1:23:39 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:23:39
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWith the 2024 United States Presidential Election right around the corner, we talk to an unnamed guest who has worked on cybersecurity for political campaigns in the United States since 2004. We recorded this in late August, 2024. Transcript: https://securitycryptographywhatever.com/2024/10/13/campaign-security/ Links: - Active Measures by Thomas Rind: https://us.macmillan.com/books/9780374287269/activemeasures - Aurora: https://en.wikipedia.org/wiki/Operation\_Aurora - Google APP announcement, October 2017: https://www.wired.com/story/google-advanced-protection-locks-down-accounts/ - XXD: https://linux.die.net/man/1/xxd - Adobe Reader October 2016 Security Update: https://helpx.adobe.com/security/products/acrobat/apsb16-33.html "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Telegram with Matthew Green 1:04:04
1:04:04 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:04:04
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWe finally have an excuse to tear down Telegram! Their CEO got arrested by the French, apparently not because the cryptography in Telegram is bad, but special guest Matt Green joined us to talk about how the cryptography is bad anyway, and you probably shouldn't use Telegram as a secure messenger of any kind! Transcript: https://securitycryptographywhatever.com/2024/09/06/telegram Links: - https://blog.cryptographyengineering.com/2024/08/25/telegram-is-not-really-an-encrypted-messaging-app/ - Lavabit / Ladar Levinson: https://en.wikipedia.org/wiki/Lavabit - Pavel Durov indictment statement from French authorities: https://www.tribunal-de-paris.justice.fr/sites/default/files/2024-08/2024-08-28%20-%20CP%20TELEGRAM%20mise%20en%20examen.pdf - MTProto 2.0 protocol spec: https://core.telegram.org/api/end-to-end - https://words.filippo.io/dispatches/telegram-ecdh/ - MTProto 1.0 (old no longer used): - https://web.archive.org/web/20131220000537/https://core.telegram.org/api/end-to-end#key-generation - OTR: https://otr.cypherpunks.ca/otr-wpes.pdf - AES and sha2 used in ‘Infinite Garble Extension’ mode: https://eprint.iacr.org/2015/1177.pdf - Four Attacks and a Proof for Telegram: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9833666 - History of Telegram e2ee chats availability: https://en.wikipedia.org/wiki/Telegram_(software)#Architecture - https://securitycryptographywhatever.com/2023/01/27/threema/ - https://securitycryptographywhatever.com/2022/11/02/Matrix-with-Martin-Albrecht-Dan-Jones/ - https://en.wikipedia.org/wiki/Matrix_(protocol), introduced in September 2014 "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
Are you going to be in Vegas during BlackHat / DEF CON? We're hosting a mixer, sponsored by Observa ! We have limited capacity, so please only register if you can actually come. Location details are in the confirmation email. Tickets will be released in batches, so if you get waitlisted, there's a good chance you still get in. Looking forward to seeing you in Vegas! Ticket Link: https://www.eventbrite.com/e/scwpod-vegas-2024-tickets-946939099337 We talk about CrowdStrike in this episode, but we know we made some mistakes: The sys files may be code in addition to data. The bug might be bigger than "just" a null pointer exception. Luckily, none of that is actually relevant to the main issues we discuss. Show page: https://securitycryptographywhatever.com/2024/07/24/summertime-sadness/ Other Links: https://csrc.nist.gov/projects/post-quantum-cryptography/post-quantum-cryptography-standardization https://dadrian.io/blog/posts/pqc-signatures-2024/ https://dadrian.io/blog/posts/cto/ https://www.blackhat.com/us-24/briefings/schedule/ https://terrapin-attack.com/ https://www.youtube.com/watch?v=-AqayGm0_pw More like ClownStrike, amirite? "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Zero Day Markets with Mark Dowd 1:25:49
1:25:49 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:25:49
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWe have Mark Dowd on, founder of Aziumuth Security and one of the authors of The Art of Software Security Assessment, to talk about the market for zero day vulnerabilities, and how mitigations affect monetizing offensive security work. Transcript: https://securitycryptographywhatever.com/2024/06/24/mdowd/ Links: https://www.azimuthsecurity.com/ https://www.vigilantlabs.com/ https://github.com/mdowd79/presentations/blob/main/bluehat2023-mdowd-final.pdf https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Hack-Different-Pwning-IOS-14-With-Generation-Z-Bug-wp.pdf https://i.blackhat.com/USA-19/Wednesday/us-19-Shwartz-Selling-0-Days-To-Governments-And-Offensive-Security-Companies.pdf "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
iykyk Transcript: https://securitycryptographywhatever.com/2024/05/25/ekr/ Links: - https://hovav.net/ucsd/dist/draft-shacham-tls-fasttrack-00.txt - https://crypto.stanford.edu/~dabo/pubs/papers/fasttrack.pdf - https://datatracker.ietf.org/doc/html/rfc8446 - SoK: SCT Auditing in Certificate Transparency: https://arxiv.org/pdf/2203.01661 - A hard look at Certificate Transparency, Part I: Transparency Systems: https://educatedguesswork.org/posts/transparency-part-1/ - A hard look at Certificate Transparency: CT in Reality: https://educatedguesswork.org/posts/transparency-part-2/ - E2EE on the web: is the web really that bad? https://emilymstark.com/2024/02/09/e2ee-on-the-web-is-the-web-really-that-bad.html - Launching Default End-to-End Encryption on Messenger: https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/ - ekr's newsletter: https://educatedguesswork.org - Over 25 years of ekr RFCs: https://www.rfc-editor.org/search/rfc_search_detail.php?sortkey=Date&sorting=DESC&page=All&author=rescorla&pubstatus[]=Any&pub_date_type=any Subscribe to his newsletter at https://educatedguesswork.org/ "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 STIR/SHAKEN with Paul Grubbs and Josh Brown 1:01:47
1:01:47 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי1:01:47
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיJosh Brown and Paul Grubbs join us to describe how those damned spam calls work, and how STIR/SHAKEN is supposed to try to stop them, but have other privacy and security implications as well. Transcript: https://securitycryptographywhatever.com/2024/04/30/stir-shaken/ Links: - https://iacr.org/submit/files/slides/2024/rwc/rwc2024/98/slides.pdf - https://www.youtube.com/watch?v=3trxXF0-fRU - Paul Grubbs: https://web.eecs.umich.edu/~paulgrub/ "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
(NSFW) Three AI-generated guests rank cryptography things into a tier list. Play along at home and make your own tier list: https://tiermaker.com/create/cryptography-15683166 This episode is definitely not safe for work and definitely a parody. Do not base your decision in the 2024 election off of this podcast episode. No campaigns have endorsed this podcast. "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
1 Post-Quantum iMessage with Douglas Stebila 55:34
55:34 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי55:34
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיApple iMessage is getting a big upgrade! Not only are they rolling out ratcheting, but they’re going post-quantum, AND they’re doing post-quantum ratcheting! Douglas Stebila joined us to talk about his security analysis of the new PQ3 protocol update and not indulge our wild Apple speculations: Transcript: https://securitycryptographywhatever.com/2024/03/03/post-quantum-imessage-with-douglas-stebila/ Links: - https://security.apple.com/blog/imessage-pq3/ - Security analysis of the iMessage PQ3 protocol https://security.apple.com/assets/files/A_Formal_Analysis_of_the_iMessage_PQ3_Messaging_Protocol_Basin_et_al.pdf - Ratcheting design: https://eprint.iacr.org/2024/220.pdf - When Messages are Keys: Is HMAC a dual-PRF?: https://eprint.iacr.org/2023/861.pdf - Real World Deniability in Messaging: https://eprint.iacr.org/2023/403.pdf - Padmé: https://www.petsymposium.org/2019/files/papers/issue4/popets-2019-0056.pdf - Max Headroom: https://www.youtube.com/watch?v=cYdpOjletnc - Extended Canetti-Krawczyk model: https://iacr.org/archive/eurocrypt2001/20450451.pdf - Douglas Stebila: https://www.douglas.stebila.ca/ "Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)…
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
Daily Deals
Daily Deals
Daily Deals
דומה לSecurity Cryptography Whatever
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
The Data Skeptic Podcast features interviews and discussion of topics related to data science, statistics, machine learning, artificial intelligence and the like, all from the perspective of applying critical thinking and the scientific method to evaluate the veracity of claims and efficacy of approaches.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
